Tuesday, December 13, 2011

Random notes

After so many years, it is good to see so much activity around UEFI Secure Boot and the proposed usage of this capability in upcoming operating systems. The UEFI Forum www.uefi.org has been working on refining this capability since the publication of the UEFI 2.0 specification in 2006, culminating in its present form in the UEFI 2.3.1a specification published this year.

This paper has shown that the future of extensible platform firmware beyond BIOS holds many perils and opportunities. The perils include the new ability to load extensible code in the pre-operating-system regime, but the opportunities include the use of measured and secure boot to harden the platform and authorize code loading. And in a world of ever-more-secure operating systems, the pre-OS may become a more interesting target for the Blackhats of the world. As such, these UEFI protections are even more important to implement.

The paper also describes how the UEFI RTV complements a Trusted Computing Group Trusted Platform Module (TPM) Root of Trust for Storage/Recording (RTS/RTR) and a UEFI-based Root of Trust for Measurement (RTM) to work in tandem with the TPM. Finally, the paper describes using formal integrity models like Clark-Wilson to decompose a system and the use of UEFI Capsule updates to have a cryptographically assured update of the underlying UEFI Platform Initialization (PI)-based UEFI features.
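To make the RTM/TPM tandem concrete, here is an added illustration (not code from the post or from the paper it summarizes) of the measured-boot hash chain that underlies it: the RTM hashes each pre-OS component before handing control to it and extends the digest into a TPM register, the TPM's RTS holds that register and the RTR reports it, and a verifier replays the event log to confirm the reported value. The component images and the "golden" policy value are constructed sample data; the extend operation is the standard SHA-256 PCR extend, but the component names are illustrative only.

```python
import hashlib

# Constructed sample boot chain: (component name, image bytes) in boot order.
BOOT_COMPONENTS = [
    ("PEI core", b"constructed PEI core image v1"),
    ("DXE core", b"constructed DXE core image v1"),
    ("OS loader", b"constructed OS loader image v1"),
]

# Same chain with one component altered (constructed, for comparison).
TAMPERED_COMPONENTS = BOOT_COMPONENTS[:2] + [
    ("OS loader", b"constructed OS loader image v1 (modified)"),
]


def extend(pcr: bytes, digest: bytes) -> bytes:
    """PCR extend as the TPM (RTS) performs it: new = H(old || digest).
    The register can only be extended, never written, so the final value
    depends on every measurement and on their order."""
    return hashlib.sha256(pcr + digest).digest()


def measure_chain(components):
    """What the RTM does at boot: hash each component before executing it,
    extend the digest into the PCR, and append an event to the log.
    Returns (final PCR value, event log)."""
    pcr = bytes(32)            # PCR starts at all zeros at reset
    log = []
    for name, image in components:
        digest = hashlib.sha256(image).digest()
        pcr = extend(pcr, digest)
        log.append((name, digest.hex()))
    return pcr, log


def replay_log(log):
    """Verifier-side replay: recompute the PCR from the event log alone."""
    pcr = bytes(32)
    for _name, digest_hex in log:
        pcr = extend(pcr, bytes.fromhex(digest_hex))
    return pcr


def verify_attestation(reported_pcr: bytes, log, expected_pcr: bytes) -> bool:
    """A remote verifier accepts the platform only if the log is consistent
    with the PCR the RTR reported AND that PCR matches the known-good value.
    A modified component changes its digest, hence the replayed PCR, so the
    log cannot be edited to hide it without breaking the chain."""
    return replay_log(log) == reported_pcr and reported_pcr == expected_pcr


if __name__ == "__main__":
    good_pcr, good_log = measure_chain(BOOT_COMPONENTS)
    bad_pcr, bad_log = measure_chain(TAMPERED_COMPONENTS)
    print("golden PCR :", good_pcr.hex())
    print("tampered   :", bad_pcr.hex())
    print("good boot accepted:", verify_attestation(good_pcr, good_log, good_pcr))
    print("tampered accepted :", verify_attestation(bad_pcr, bad_log, good_pcr))
```

The replay step is what lets the verifier pinpoint which event diverged, while the PCR value alone tells it only that something did; both pieces come from the TPM side (RTS/RTR), but only the RTM decides what gets measured, which is why the two roots must be designed together.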